Lists (32)
Adversary Simulation
  Adversary simulations
AI-LLM
  Prompt engineering etc.
Attack Simulation and Automation
  Attack simulation, detection engineering, purple teaming, etc.
Blue Team Tools
Data Science
Data Visualization
  Interactive dashboarding etc.
DFIR
DFIR and Hunting Tools
  Useful tools for threat hunting and DFIR
DFIR: Cloud
Graph
Identity and Cloud
  Entra ID, Azure related attack and defense
Jupyter and Python
Knowledge Repos
  LOLBins, query repos, etc.
Lab Environment and Automation
Malware Analysis and YARA
Microsoft Sentinel and Defender
Red Team: Collection
Red Team: Command and Control
  RAT tools etc.
Red Team: Credential Access
Red Team: Defense Evasion
Red Team: Discovery
  Bloodhound, Kubehound, and other stuff
Red Team: Execution
Red Team: Exfiltration
Red Team: Initial Access
  Phishing, etc.
Red Team: Lateral Movement
Red Team: Persistence
Red Team: Privilege Escalation
Red Team: Reconnaissance
Red Team: Resource Development
Red Team Tools
  Red team tools
Security Data Science
Training
Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Drop in a screenshot and convert it to clean code (HTML/Tailwind/React/Vue)
30 days of Python programming challenge is a step-by-step guide to learn the Python programming language in 30 days. This challenge may take more than 100 days, follow your own pace. These videos m…
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
IntelOwl: manage your Threat Intelligence at scale
Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
Tool for Active Directory Certificate Services enumeration and abuse
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
smbclient-ng, a fast and user friendly way to interact with SMB shares.
Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…
Perfect DLL Proxying using forwards with absolute paths.
Execute commands interactively on remote Windows machines using the WinRM protocol
IP Rotation from different providers - Like FireProx but for GCP, Azure, Alibaba and CloudFlare
Bounces when a fish bites - Evilginx database monitoring with exfiltration automation
DNSChef (NG) - DNS proxy for Penetration Testers and Malware Analysts
Client-side Encrypted Upload Server Python Script
Pipeline that allows sending forensic artifacts to OpenRelik for automatic processing